Very slow ftp on ASA 5510

- A
- Arek Czereszewski
  
  Contact options for registered users
posted
17 years ago

Tue, Aug 8, 2006 9:16 AM

Hello,

I have annoying problem with ftp. I have: ASA 5510 with active IPS. In DMZ I have several servers. Every day I have to puts many files via ftp from workstations in LAN connected to ASA inside interface. Connection work fine, but for each one file ftp client waits ~60 secounds after transmission. When I have turned off the IPS everythings work fine. I did several test with IPS rules and any give correct results. Example: I turned off every rules for FTP.

Could you tell me what is wrong with ASA or IPS configuration?

Best regards Arek

Loading thread data ...

- J
- J
  
  Contact options for registered users
Vote on answer
posted
17 years ago

Tue, Aug 8, 2006 10:09 PM

Sniff the traffic on both ends with the IPS turned on and with it off and compare the results. I would expect it's something like the packets needed for PMTU to function are blocked or some other similar thing. Sniffing the traffic will give you a better idea though.

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.